usergroups Follow @yiiframework
68 followers Announcement: ¶
hi guys, unfortunately lately i've been in development hell since i moved to a new company, and i couldn't really give this module the time it really needs/deserve.
Still i don't want the module to just die, so i've decided that this w/e i'll move the module to github to allow whoever is interested to maintain/contribute to the project.
thanks a lot for your support, without you and your bug reports this module would've never become what it is right now.
update:
as promised here is the url of the git repository.
contact me for any kind of request regarding it.
Nick
userGroups let's you manage user and groups inside your applications. This modules comes in with features like user registrations, password retrieving, banning system, user activation system and so on.
userGroups auto install itself creating the required database tables and guiding you through the whole installation process, never leaving you wondering abot what you are supposed to do next.
Thanks to userGroups you will also have an extension of the accessControlFilter that will provide you with new rules for groups, levels and access permissions.
You will be able to grant different permissions (read, write and admin) to every user or group for every single controller inside your application.
Users will inherit their groups permission but you will be able to further customize every single user granting him special permissions.
It's up to you how to implement those permissions using, along with the old ones, new rule sets like:
- groups: let's you decide what group the user has to belong to perform an action
- levels: you can decide what level the user needs to perform an action
- permissions: you can decide that just users with a certain permission on that controller or another can perform a certain action
userGroups also can be configured to better suit your needs
and provides some cronjobs to unban your users and delete those that never activated their accounts.
You can even add new cron jobs just extending the provided class.
userGroups provides you with an exaustively written and full of examples documentation on how take better advantage of this module.
This module was coded using design patterns and other standards, taking true advantage of Yii core methods and most reknown practices, paying special attention to security issues.
Main Features ¶
New Rules Examples ¶
// allow all users who belong to the admin or core group // or to the group with id 5 to perform 'update' and 'admin' actions array('allow', 'actions'=>array('update','admin'), 'groups'=>array('admin', 'core', 5), ),
// allow all users with a level lower then 10, or equal to 20 // or higher or equal to 35 to perform an update action array('allow', 'actions'=>array('update'), 'level'=>array('<10', '20' ,'>=35'), ),
// allow all users with a level lower then 40 AND // higher then 35 to perform an update action array('allow', 'actions'=>array('update'), 'level'=>array('<40', '>35', 'strict' => true), ),
// allow users with admin permissions on this controller OR // the companies controller to access the update action. array('allow', 'actions'=>array('update'), 'pbac'=>array('admin', 'companies.admin'), ),
Profile Extensions ¶
If you need to add new fields to your profile thanks to this feature you can do it easily creating just your own models and view, without ever have to think about digging the module code.
For more info about how to use this feature read about it in the updated documentation inside the module.
If you need some examples download the profileExtension.tgz file.
Email Customization ¶
From version 1.6 you can now customize the emails that userGroups is sending to your users.
For more details read the module documentation.
Since version 1.8 the mail body message is stored inside view files to make it easier to change text and whatsoever.
Requirements ¶
Yii 1.1.7
Tested just on last versions of MySQL and Postgres.
Some issues where found on postgres (thanks artur_oliveira).
For more info look at the google code project page.
Tested on Yii 1.1.8
Installation ¶
This installation instruction are assuming that you are using urlManager, that you have showScriptName with a boolean false value and that you have an .htaccess file in your project root directory.
The module wasn't tested yet in the other possible conditions, so i apologies if you experience some problems.
If you want to know how to configure those settings read the urlManager section of this document.
To use this module just open the package,
copy the module directory inside the protected/modules/ directory of you application
and then add the module inside your application configuration file:
'modules'=>array( 'userGroups'=>array( 'accessCode'=>'type here your access code', ) ),
then into your browser go to yourApplicationRoot/userGroups and the installation process will guide you through.
urlManager Settings ¶
To setup urlManager go inside your configuration file and enable it:
// uncomment the following to enable URLs in path-format 'urlManager'=>array( 'urlFormat'=>'path', 'rules'=>array( '<controller:\w+>/<id:\d+>'=>'<controller>/view', '<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>', '<controller:\w+>/<action:\w+>'=>'<controller>/<action>', ), 'showScriptName'=>false, ),
don't forget to set showScriptName just like in the example above.
Now download the htaccess.tgz archive, and copy the .htaccess file into your application root directory.
Remember that htaccess files won't work if you don't have mod rewrite enabled in apache.
Common Installation issues ¶
userGroups creates a new Controller.php file into your application component directory, and your application's controllers need to extend it.
If your controllers are extending another controller you'll have to copy inside it the public static $_permissionControl and the public function filterUserGroupsAccessControl that you'll find in the controller created by userGroups
What if installation won't work ¶
tell me about the problem and i'll fix it as soon as possible.
if you have any trouble during installation delete all the db tables created by the installation process before repeating it.
Updating the module ¶
If you'll need to update the module all you have to do is to overwrite the old files inside your version with the new ones.
Updating from 1.x to 1.6 ¶
Before copying the new files over the old ones login as Root.
Download the patch file.
The Patch file contains the PatchController. Just copy inside the userGroups controller directory, and then access it going to the url /userGroups/patch.
once the patch process is over delete the file.
Download the last version of userGroups.
Copy the new files over the old ones.
if you used the salt option you cannot truly update to this version. To improve security we changed how salt are used. If you want to upload to this version and you used a custom salt you'll have to recreate your users.
Updating from 1.x to 1.7.1 ¶
After this update the salt will no more be timezone-dependent.
From now on the salt timezone will be setted to UTC.
This means that probably your password won't work anymore.
To fix this issue you will have to reset your passwords.
To do so try to log-in and then follow the password reset link.
If you are on a development server and no email was sent to your email account containing the instructions about how to reset your password, open the db and get the activation_code value.
Then go to yourapplication/userGroups/user/activate and input your data on the form.
Updating from 1.7.1 to 1.8 and so on ¶
Since version 1.8 every time you'll have to update userGroups you have to login first with your root user, then copy the new files over the old ones, and after you've done that just go to the Root Tools page. A link will appear on the top, just click on it and follow the instructions.
Changelog ¶
8-5-2011
version 1.8 - stable and partially tested
fixed the following issues: #14, #15, #16, #17, #20.
from now on you'll be able to get the current user mail address with Yii->app()->user->email
if you have the swiftmail yii-mail component installed userGroups will use it to execute the sending action.
email body text is stored inside view files to make it easier for you to change it.
if the simple_password_reset setting is on the question and answer form fields won't appear in any form.
you can now use crontab to execute the cronjobs if you want to.
added several spelling corrections thanks to David Drury.
6-6-2011
version 1.7.1 - stable and tested
fixed issue #13, from now on the salt used it's not anymore timezone related
read the specific instructions about how to update
25-5-2011
version 1.7 - stable and tested
made several correction to avoid errors when using PHP with E_STRICT
improved UI on userGroups admin user gridview and list user's gridview
implemented a new method to store in session Profile Extension's attributes
16-5-2011
version 1.6.8 - stable
from now on there won't be any problem with controllers with the same class name or with modules that are not extending properly the controller generated by userGroups.
fixed the bug related to the compatibility of the changeIdentity method located inside WebUserGroups.
5-5-2011
version 1.6.7 - stable and fully tested release
corrected any bug related to profiles
corrected the blank-screen-after-login bug
5-2-2011
version 1.6.6 - stable release
corrected bug #10 (thanks artur)
corrected bug reported on the forum (thanks Dave_D)
4-26-2011
version 1.6.5 - stable release
corrected bugs #6, #8, #9
4-20-2011
version 1.6.4 - stable release
corrected bugs #3, #4, #5
4-18-2011
version 1.6.3 - stable release
implemented support for tablePrefix
solved bugs related to relative urls (thanks artur_oliveira and petar)
4-10-2011
version 1.6.2 - stable release
solved a case sensitive bug issue during installation (thanks julias).
4-7-2011
version 1.6.1 - stable release
solved a bug that didn't allowed a correct creation of new users
4-7-2011
version 1.6
added Email Customization
improved security against rainbow table attacks
added client side validation for profile updates
solved a bug occurring on case sensitive systems
solved a stupid issue that was preventing rememberMe to work properly.
if you used the salt option you cannot truly update to this version. To improve security we changed how salt are used. If you want to upload to this version and you used a custom salt you'll have to recreate your users.
3-28-2011
version 1.5
Profile Extensions now work on registration too
documentation of Profile Extensions improved
fixed an installation bug under Postgres (thanks Cam)
support for ClientValidation on registration
dropped support for Yii version 1.1.6
3-28-2011
version 1.4.3 - stable
fixed last bug occurring when not using Profile Extensions
3-28-2011
version 1.4.2
fixed a bug occurring when recovering user login from the cookie
fixed a bug that didn't let you create an instance of UserGroupsUser outside of the userGroups module
3-26-2011
version 1.4.1
fixed a logout permission issue: users could access the logout action just using ajax
3-25-2011
version 1.4
fixed a bug occurring with the new Profile Extensions feature.
3-25-2011
version 1.3
fixed a user creation bug that occurred when creating a user with no permissions from Root Tools
3-25-2011
version 1.2
fixed an installation bug (thanks inluxc)
updated the documentation
3-25-2011
version 1.1
fixed the rememberMe bug (thanks Gustavo)
added the new Profile Extensions feature
updated the documentation
3-24-2011
version 1.0
little correction to the documentation.
Issue Tracking ¶
if you are experiencing any issue with the module post it here or on the google code project page
Suggestions ¶
If you want to request a feature or make a suggestion visit the official topic
- License: New BSD License
- Developed by: nickcv
- Category: Auth
- Votes: +48 / -6
- Downloaded: 10,735 times
- Created on: Mar 24, 2011
- Last updated: Jun 1, 2012
- Tags: user, groups, access permissions, levels, registration, configuration, cronjobs, profiles
Total 20 comments
Yes i put that in controller before itself.Got the solution,now i am using pbac(Permission Based Access Control) option instead of users or groups in accessRules.
@ Y!!
have you put this in controller???
I gone through this extension,it allows me to creating users and groups in the front end.but it won't take the access permissions that we give in the front end check box.ie we have to specify in the controller only.any solution??
Hi, Sorry if its not the place.
Im trying to customize the form login. the only option I find is to change the css file. ok. but I want to place it in the corner of the page, I mean, in other place that is not the $content. Im trying to reference the login form as "Yii::app()->user->loginUrl" but its not working. some one has a better idea?
no, I don't have a double declaration of the controller! if I just hide that it works, but if I leave the file in place it won't allow me to add new users or groups!
Hi, i have a controller inside of component folder on costum module and the usergroup don't like :D
How i can resolve it?
Hi Nick,
It looks like this module assumes each user will belong to only one group. Is that correct? A user cannot be a member of multiple groups at one time?
@maxxer this normally means you have 2 different classes called mycontroller. Make sure you haven't declared that class twice.
@everyone else - anyone know how to translate these mod rewrite rules to IIS?
I have a custom controller and when I try to create a new user or a new group I get the following error:
any way to fix?
i reuploaded the file, now you should not have any more problems
@psenthilraja
I had also problem extracting file in ubuntu linux. I found a silly way to solve it:
renamed file to userExtensions.zip and extracted it (with right click -> extract here)
as a result I got one file userExtensions with no extension
renamed userExtensions to userExtensions.tar.gz
now it was possible to extract it (again right click -> extract here)
same with userGroups
can't explain but worked for me :)
I just tried it and no error was found.
@cfletcher1856 is something i was thinking about for next release :D
I downloaded the latest 1.8 pack, and i could not extract it. i am getting a message, that the file is corrupted.. could u pls check
Is there a way to associate specific profiles to groups?
I only want to show profile extensions to some of the groups and not all of them.
Thanks for the great extension
A question about Subfolders in Contollers can you implement that ? i have controllers/admin/NewsController but in usergruop this one will not show
Hi,
In windows 7 with Apache (XAMPP) If you are getting a 404 not found error when trying to install remove this line from the components/urlManager section in protected/config/main.php
Thanks again for the great job on the module!
Hello,
If I am logged in and change my MarkUp from 10 to 20, the code [code]Yii::app()->user->profile('Profile', 'MarkUp')[/code] returns 10 until I logout and login again.
This is saving me a lot of work. Thank You. Also, can you put a hook in to use our own encrypt routine? I want to port a site I wrote from codeigniter to yii.
Excellent ext :) I'm on a new project with features just like what you've provided here. thank you.
I've been using Rights and Yii-user for a long time, but this gem of a extension module put an end to that. Not that there's anything wrong with the two; yours is simply better. And then it's just one module, instead of two. That counts as well. I love it. Keep up the good work. It's appreciated. :)
Leave a comment
Please login to leave your comment.